πΊπΈ
TPI-Abuse
2026-07-18 13:39:14
(4 hours ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 09:39:08.762438 2026] [security2:error] [pid 31413:tid 31474] [client 183.87.96.118:25556] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||howardhallis.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "howardhallis.com"] [uri "/doctorstrange"] [unique_id "aluB_LzoSbh1KoI43U7O_AAAAcQ"], referer: https://howardhallis.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-17 03:52:32
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:52:25.800175 2026] [security2:error] [pid 900094:tid 900094] [client 183.87.96.118:25450] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||uniquetreasuresshops.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "uniquetreasuresshops.com"] [uri "/"] [unique_id "almm-bK2In2VU1aBjB4j8AAAAAw"], referer: https://uniquetreasuresshops.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 18:05:07
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:05:03.206994 2026] [security2:error] [pid 17355:tid 17389] [client 183.87.96.118:62238] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||royaleconomicsacademy.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "royaleconomicsacademy.com"] [uri "/"] [unique_id "alkdTzq93yQFWpW2_skezgAAABQ"], referer: https://royaleconomicsacademy.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π¦
1gz
2026-07-16 02:04:11
(2 days ago)
Triggered Cloudflare WAF (firewallCustom) from HK.
Action taken: BLOCK
Protocol: HTTP/2 (GET method) ...
show more
Triggered Cloudflare WAF (firewallCustom) from HK.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /lajme/eulexi
UA: Mozilla/5.0 (X11; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-16 01:36:41
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:36:35.562793 2026] [security2:error] [pid 27019:tid 27019] [client 183.87.96.118:42427] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||tulsatvmemories.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "tulsatvmemories.com"] [uri "/gb112107.html"] [unique_id "alg1o_CGCrKRXrjuNd5YsQAAACk"], referer: https://tulsatvmemories.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-15 04:43:23
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 00:43:15.920916 2026] [security2:error] [pid 22927:tid 22927] [client 183.87.96.118:57322] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||yerevanpress.am|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "yerevanpress.am"] [uri "/"] [unique_id "alcP44wx6KXCQDGkaFT3qwAAAAQ"], referer: https://yerevanpress.am/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 02:20:20
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 22:20:12.979888 2026] [security2:error] [pid 18107:tid 18107] [client 183.87.96.118:60966] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||dolphin-view.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "dolphin-view.com"] [uri "/"] [unique_id "alWc3PRVQg_ED2aeS0nWcQAAABg"], referer: https://dolphin-view.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 23:17:58
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 19:17:51.950625 2026] [security2:error] [pid 15585:tid 15585] [client 183.87.96.118:36966] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||circleinthesquare.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "circleinthesquare.org"] [uri "/"] [unique_id "alVyH9kT9bxKpzW-IIstuAAAAAg"], referer: https://circleinthesquare.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 19:33:49
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 15:33:46.688935 2026] [security2:error] [pid 3301:tid 3301] [client 183.87.96.118:16790] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||player-care.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "player-care.com"] [uri "/playtech.html"] [unique_id "alU9mvNI3v0JpfkqBGrW5AAAAAY"], referer: https://player-care.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 11:30:11
(5 days ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in printer-friendly.asp
show less
Exploited Host
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-13 04:12:40
(5 days ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:12:29.387160 2026] [security2:error] [pid 14224:tid 14224] [client 183.87.96.118:60869] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.recetabook.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.recetabook.com"] [uri "/403.shtml"] [unique_id "alRlrY3snCMc7plczYNtuQAAACE"], referer: https://recetabook.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 14:34:02
(1 week ago)
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 183.87.96.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 10:33:57.850700 2026] [security2:error] [pid 5563:tid 5563] [client 183.87.96.118:39086] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.mavikalem.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mavikalem.org"] [uri "/mavi-kalem-sosyal-yardimlasma-ve-dayanisma-dernegi/"] [unique_id "alEC1er14V7ErdTiauddawAAAAM"], referer: https://mavikalem.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
kosada.com
2026-07-06 11:55:50
(1 week ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
πΊπΈ
kosada.com
2026-07-06 05:25:54
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
πΊπΈ
kosada.com
2026-07-03 02:10:38
(2 weeks ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot